Legal claims defining the scope of protection, as filed with the USPTO.
1. A method comprising: activating and controlling a target processor by a security coprocessor, where the security coprocessor and the target processor are separate processors on a same electronic device; generating, by the security coprocessor, a seed for address space layout randomization (ASLR) by executing processor readable instructions stored on a first memory device, where the first memory device is communicatively coupled to the security coprocessor; receiving from a target memory device, by the security coprocessor, a first set of data related to a security proxy being executed on the target processor, the target processor coupled to the security coprocessor via a secure transmission line; determining whether the security proxy is corrupted by checking the first set of data received from the target memory device; and as a result of determining that the security proxy is not corrupted: transmitting the seed to the target processor; requesting the target processor to execute the security proxy to perform ASLR using the seed to obtain start addresses of desired data and instructions in the target memory device; requesting, via the security proxy, a second set of data from the target memory device while the target processor and the target memory device are at a steady state; and monitoring the target memory device by checking the retrieved second set of data.
2. The method of claim 1, where the seed is a random number.
3. The method of claim 1, where the target memory device is tightly coupled to the target processor.
4. The method of claim 1, further comprising: reactivating the target processor subsequent to receiving at least one infected or corrupted part of the second set of data.
5. The method of claim 1, where the security proxy is a thick proxy.
6. The method of claim 1, where the security proxy is a thin proxy.
7. An apparatus, comprising: a target processor; and a security processor, where the target processor and the security processor are coprocessors, and where the security processor is configured to: activate and control the target processor; generate a seed for address space layout randomization (ASLR) by executing processor readable instructions stored on a first memory device; receive security proxy data that identifies that a security proxy is not corrupted; transmit the seed to the target processor; request the target processor to execute the security proxy to perform ASLR using the seed to obtain start addresses of desired data and instructions in a target memory device; request, via the security proxy, a second set of data from the target memory device while the target processor and the target memory device are at a steady state; and monitor the target memory device via the second set of data.
8. The apparatus of claim 7, where the seed is a random number.
9. The apparatus of claim 7, where the target memory device is tightly coupled to the target processor.
10. The apparatus of claim 7, where the security processor is further configured to: reactivate the target processor subsequent to receiving at least one infected or corrupted part of the security proxy data.
11. The apparatus of claim 7, where the security proxy is a thick proxy.
12. The apparatus of claim 7, where the security proxy is a thin proxy.
13. The apparatus of claim 7, where the first memory device is communicatively coupled to the security processor.
14. A system, comprising: a security proxy circuit; and a first circuit configured to: activate and control a second circuit, wherein the first circuit and the second circuit are separate processors on a same electronic device; generate a seed for address space layout randomization (ASLR); receive from the second circuit a first set of data related to the security proxy circuit; identify whether the security proxy circuit is corrupted by checking the first set of data received from the second circuit; and as a result of determining that the security proxy circuit is not corrupted: transmit the seed to the second circuit; and request the second circuit to execute the security proxy circuit to perform ASLR using the seed to obtain start address of desired data and instructions in a target memory device, where the security proxy circuit is configured to: request a second set of data from the target memory device while the second circuit and the target memory device are at a steady state; and monitor the target memory device by checking the retrieved second set of data.
15. The system of claim 14, where the target memory device is tightly coupled to the second circuit.
16. The system of claim 14, where the first circuit is configured to: reactivate the second circuit subsequent to receiving at least one corrupted part of the second set of data.
17. The system of claim 14, where the security proxy circuit is a thick proxy.
18. The system of claim 14, where the security proxy circuit is a thin proxy.
19. The system of claim 14, where the seed is a random number.
20. The system of claim 14, where the seed is generated by executing processor readable instructions stored on a first memory device coupled to the first circuit.
May 3, 2016